chrisgrim
1 week ago

Stuggling to really understand Middleware

Posted 1 week ago by chrisgrim

Hi, I am struggling to understand my middleware. I am trying to setup a moderator area. In my controller I have

    public function __construct()
    {
        $this->middleware('moderator');
    }

and in my kernel I have

'moderator' => \App\Http\Middleware\IsModerator::class,

and for my middleware I have

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Auth;

class IsModerator
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (Auth::user() && Auth::user()->isModerator()) {
            return $next($request);
        }

        return redirect('/');
    }
}

and in my user model I have

public function isModerator() {
        return $this->where('type', 'm')->orWhere('type', 'a')->exists();
    }

However this currently allows anyone to see the page, even if they are type 'g' and not type 'm' or 'a'. I was thinking that the middleware just wasn't working but if I change it to

if (Auth::user() && Auth::user()->isModerator()) {
            return return redirect('/');
        }

        return redirect('/');

it will actually catch me and return me to the home page. What am I doing wrong?

Please sign in or create an account to participate in this conversation.